Tom Eastep
|
5b953cc1dd
|
Handle different layouts on the admin system and remote firewall(s)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-09-03 09:50:07 -07:00 |
|
Tom Eastep
|
8e5bd3637d
|
Implement stoppedrules file (less manpages)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-09-03 08:44:03 -07:00 |
|
Tom Eastep
|
7279553be4
|
Revert "Add GROUP zones"
This reverts commit 4f2a4c0c6c .
|
2012-09-02 11:08:38 -07:00 |
|
Tom Eastep
|
a6740c6c53
|
Revert "Assign marks to according to GROUP zones"
This reverts commit 3fbfafb6e3 .
|
2012-09-02 11:06:28 -07:00 |
|
Tom Eastep
|
3fbfafb6e3
|
Assign marks to according to GROUP zones
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-09-01 18:13:49 -07:00 |
|
Tom Eastep
|
353915fc8b
|
Allow ipsets in the routestopped file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-09-01 10:52:37 -07:00 |
|
Tom Eastep
|
e2c7284529
|
Correct handling of 'source' with ADMINISABSENTMINDED=No
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-09-01 08:26:31 -07:00 |
|
Tom Eastep
|
4f2a4c0c6c
|
Add GROUP zones
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-31 17:37:01 -07:00 |
|
Tom Eastep
|
deea614677
|
Placate the latest Emacs WRT qw/.../
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-31 17:36:38 -07:00 |
|
Tom Eastep
|
9b05146a85
|
New documents (WIP)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-30 10:06:58 -07:00 |
|
Tom Eastep
|
09a6f8bc16
|
Revert non-fatal error implementation
- In the end, I didn't like the way this worked.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-29 11:35:11 -07:00 |
|
Tom Eastep
|
303dc65d13
|
Merge branch '4.5.7'
|
2012-08-28 11:46:04 -07:00 |
|
Tom Eastep
|
d838cf41bf
|
Allow TTL and HL in the PREROUTING chain.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-28 11:45:32 -07:00 |
|
Tom Eastep
|
84e24325de
|
Merge branch '4.5.7'
|
2012-08-27 07:30:21 -07:00 |
|
Tom Eastep
|
3aca90811c
|
Clear the current comment at the end of the blrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-27 07:29:47 -07:00 |
|
Tom Eastep
|
7b12558249
|
Merge branch '4.5.7'
|
2012-08-26 09:18:16 -07:00 |
|
Tom Eastep
|
341dec0711
|
Another fix for the NOTRACK patch
- 3 defects in a two-line patch :-(
|
2012-08-26 09:17:57 -07:00 |
|
Tom Eastep
|
01b58bf66f
|
Merge branch '4.5.7'
|
2012-08-26 08:27:39 -07:00 |
|
Tom Eastep
|
dc21d015da
|
Clean up white-space in Togan's patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-26 08:27:24 -07:00 |
|
Tom Eastep
|
9e5d1cc1ce
|
Merge branch '4.5.7'
|
2012-08-26 08:11:40 -07:00 |
|
Tom Eastep
|
779243094e
|
Map NOTRACK to 'CT --notrack' if CT_TARGET is available.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-26 08:08:57 -07:00 |
|
Tom Eastep
|
7208464c68
|
Change "Compilation aborted..." to "Check aborted ..."
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-25 08:10:12 -07:00 |
|
Tom Eastep
|
1067f8a9bb
|
Use the non-fatal error reporting feature for missing capabilities
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-24 06:25:29 -07:00 |
|
Tom Eastep
|
3006452cea
|
Unconditionally restore route mark in PREROUTING and OUTPUT.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-23 12:23:29 -07:00 |
|
Tom Eastep
|
e17010018c
|
Unconditionally restore route mark in PREROUTING and OUTPUT.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-23 12:15:14 -07:00 |
|
Tom Eastep
|
112312f2ee
|
Add non-fatal error capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-23 05:50:36 -07:00 |
|
Tom Eastep
|
dffd98dff7
|
Revert change that added CONTINUE as a valid content of the ADDRESSES column
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-21 10:51:01 -07:00 |
|
Tom Eastep
|
c20611b6c0
|
Add CONTINUE keyword to the masq file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-20 18:09:59 -07:00 |
|
Tom Eastep
|
1fd9e5e95c
|
Compensate for silly RHEL bug
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-20 07:20:21 -07:00 |
|
Tom Eastep
|
7ac9e46e1f
|
Add a comment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-16 15:49:33 -07:00 |
|
Tom Eastep
|
0a4f26a318
|
Correct handling of existing notrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-16 14:46:48 -07:00 |
|
Tom Eastep
|
f6c4650624
|
Allow a notrack with nothing but FORMAT and COMMENT lines to be removed.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-16 10:49:59 -07:00 |
|
Tom Eastep
|
3c35af9d8c
|
Merge branch 'master' into 4.5.7
|
2012-08-16 08:34:54 -07:00 |
|
Tom Eastep
|
1e11109bb2
|
Don't combine rules with '-m policy'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-16 08:34:30 -07:00 |
|
Tom Eastep
|
f59612671b
|
Don't optimize chains with '-m ipsec'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-16 07:33:01 -07:00 |
|
Tom Eastep
|
da4f7ee524
|
Handle ppp devices correctly in the 'enable' command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-16 06:59:35 -07:00 |
|
Tom Eastep
|
b132176dae
|
Correct reference adjustment in new opt4 code
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-14 13:36:39 -07:00 |
|
Tom Eastep
|
8487c78a0a
|
Adjust reference counts when splicing in short chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-14 08:34:51 -07:00 |
|
Tom Eastep
|
fdc45a990d
|
Arrange for HELPER to match in the RELATED section.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-13 15:44:19 -07:00 |
|
Tom Eastep
|
44a550870c
|
Add HELPER action.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-13 13:23:38 -07:00 |
|
Tom Eastep
|
bd3295b0e3
|
Remove temporary hack
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-13 08:55:43 -07:00 |
|
Tom Eastep
|
45288f5927
|
Revise notrack/conntrack handling:
- Purge empty notrack files.
- Process both files.
|
2012-08-13 07:28:07 -07:00 |
|
Tom Eastep
|
75b830b10e
|
Merge branch 'master' into 4.5.7
|
2012-08-13 06:57:54 -07:00 |
|
Tom Eastep
|
4b2d48d621
|
Hardwire AUTOHELPERS until 4.5.8.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-13 06:48:19 -07:00 |
|
Tom Eastep
|
50362040d7
|
Enable automatic helper association during 'stop'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-12 08:46:06 -07:00 |
|
Tom Eastep
|
2f1d59366c
|
Unconditionally disable kernel automatic helper association during start.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-12 08:43:28 -07:00 |
|
Tom Eastep
|
b372163122
|
Enable automatic helper association during 'stop'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-12 08:42:53 -07:00 |
|
Tom Eastep
|
50bd1d6398
|
Add AUTOHELPER option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-12 07:25:11 -07:00 |
|
Tom Eastep
|
e6ef32ebc2
|
Make conditional directives case insensitive
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-11 08:48:35 -07:00 |
|
Tom Eastep
|
a5824dc2d4
|
Optimize extension
- Eliminate short chains with a single reference.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-08-11 08:47:10 -07:00 |
|